Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fixed issue: Images inserted into HTML emails were not properly linke…
…d to the server
  • Loading branch information
c-schmitz committed Apr 27, 2012
1 parent cd41aa5 commit b3422d1
Show file tree
Hide file tree
Showing 3 changed files with 129 additions and 94 deletions.
152 changes: 79 additions & 73 deletions admin/scripts/kcfinder/core/autoload.php
@@ -1,95 +1,101 @@
<?php <?php


/** This file is part of KCFinder project /** This file is part of KCFinder project
* *
* @desc Autoload classes magic function * @desc Autoload classes magic function
* @package KCFinder * @package KCFinder
* @version 2.21 * @version 2.21
* @author Pavel Tzonkov <pavelc@users.sourceforge.net> * @author Pavel Tzonkov <pavelc@users.sourceforge.net>
* @copyright 2010 KCFinder Project * @copyright 2010 KCFinder Project
* @license http://www.opensource.org/licenses/gpl-2.0.php GPLv2 * @license http://www.opensource.org/licenses/gpl-2.0.php GPLv2
* @license http://www.opensource.org/licenses/lgpl-2.1.php LGPLv2 * @license http://www.opensource.org/licenses/lgpl-2.1.php LGPLv2
* @link http://kcfinder.sunhater.com * @link http://kcfinder.sunhater.com
*/ */


require_once(dirname(__FILE__).'/../../../../config-defaults.php'); require_once(dirname(__FILE__).'/../../../../config-defaults.php');
require_once(dirname(__FILE__).'/../../../../common.php'); require_once(dirname(__FILE__).'/../../../../common.php');
require_once(dirname(__FILE__).'/../../../admin_functions.php'); require_once(dirname(__FILE__).'/../../../admin_functions.php');


$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'"; $usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
$usresult = db_execute_assoc($usquery,'',true); $usresult = db_execute_assoc($usquery,'',true);
if ($usresult) if ($usresult)
{ {
$usrow = $usresult->FetchRow(); $usrow = $usresult->FetchRow();
@session_name($usrow['stg_value']); @session_name($usrow['stg_value']);
} }
else else
{ {
session_name("LimeSurveyAdmin"); session_name("LimeSurveyAdmin");
} }

session_set_cookie_params(0,$relativeurl.'/');


if (session_id() == "") @session_start(); session_set_cookie_params(0,$relativeurl.'/');


$_SESSION['KCFINDER'] = array(); if (session_id() == "") @session_start();


$sAllowedExtensions = implode(' ',array_map('trim',explode(',',$allowedresourcesuploads))); $_SESSION['KCFINDER'] = array();
$_SESSION['KCFINDER']['types']=array('files'=>$sAllowedExtensions,
'flash'=>$sAllowedExtensions,
'images'=>$sAllowedExtensions);


if ($demoModeOnly === false && $sAllowedExtensions = implode(' ',array_map('trim',explode(',',$allowedresourcesuploads)));
$_SESSION['KCFINDER']['types']=array('files'=>$sAllowedExtensions,
'flash'=>$sAllowedExtensions,
'images'=>$sAllowedExtensions);
if ($demoModeOnly === false &&
isset($_SESSION['loginID']) && isset($_SESSION['loginID']) &&
isset($_SESSION['FileManagerContext'])) isset($_SESSION['FileManagerContext']))
{ {
// disable upload at survey creation time // disable upload at survey creation time
// because we don't know the sid yet // because we don't know the sid yet
if (preg_match('/^(create|edit):(question|group|answer)/',$_SESSION['FileManagerContext']) != 0 || if (preg_match('/^(create|edit):(question|group|answer)/',$_SESSION['FileManagerContext']) != 0 ||
preg_match('/^edit:survey/',$_SESSION['FileManagerContext']) !=0 || preg_match('/^edit:survey/',$_SESSION['FileManagerContext']) !=0 ||
preg_match('/^edit:assessments/',$_SESSION['FileManagerContext']) !=0 || preg_match('/^edit:assessments/',$_SESSION['FileManagerContext']) !=0 ||
preg_match('/^edit:emailsettings/',$_SESSION['FileManagerContext']) != 0) preg_match('/^edit:emailsettings/',$_SESSION['FileManagerContext']) != 0)
{ {
$contextarray=explode(':',$_SESSION['FileManagerContext'],3); $contextarray=explode(':',$_SESSION['FileManagerContext'],3);
$surveyid=$contextarray[2]; $surveyid=$contextarray[2];






if(bHasSurveyPermission($surveyid,'surveycontent','update')) if(bHasSurveyPermission($surveyid,'surveycontent','update'))
{ {
$_SESSION['KCFINDER']['disabled'] = false ; $_SESSION['KCFINDER']['disabled'] = false ;
$_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/surveys/{$surveyid}/" ; if (preg_match('/^edit:emailsettings/',$_SESSION['FileManagerContext']) != 0)
$_SESSION['KCFINDER']['uploadDir'] = $uploaddir.'/surveys/'.$surveyid; {
} $_SESSION['KCFINDER']['uploadURL'] = "{$rooturl}/upload/surveys/{$surveyid}/" ;
}
else
{
$_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/surveys/{$surveyid}/" ;
}
$_SESSION['KCFINDER']['uploadDir'] = $uploaddir.'/surveys/'.$surveyid;
}


} }
elseif (preg_match('/^edit:label/',$_SESSION['FileManagerContext']) != 0) elseif (preg_match('/^edit:label/',$_SESSION['FileManagerContext']) != 0)
{
$contextarray=explode(':',$_SESSION['FileManagerContext'],3);
$labelid=$contextarray[2];
// check if the user has label management right and labelid defined
if ($_SESSION['USER_RIGHT_MANAGE_LABEL']==1 && isset($labelid) && $labelid != '')
{ {
$_SESSION['KCFINDER']['disabled'] = false ; $contextarray=explode(':',$_SESSION['FileManagerContext'],3);
$_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/labels/{$labelid}/" ; $labelid=$contextarray[2];
$_SESSION['KCFINDER']['uploadDir'] = "{$uploaddir}/labels/{$labelid}" ; // check if the user has label management right and labelid defined
if ($_SESSION['USER_RIGHT_MANAGE_LABEL']==1 && isset($labelid) && $labelid != '')
{
$_SESSION['KCFINDER']['disabled'] = false ;
$_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/labels/{$labelid}/" ;
$_SESSION['KCFINDER']['uploadDir'] = "{$uploaddir}/labels/{$labelid}" ;
}
} }
}


} }




function __autoload($class) { function __autoload($class) {
if ($class == "uploader") if ($class == "uploader")
require "core/uploader.php"; require "core/uploader.php";
elseif ($class == "browser") elseif ($class == "browser")
require "core/browser.php"; require "core/browser.php";
elseif (file_exists("core/types/$class.php")) elseif (file_exists("core/types/$class.php"))
require "core/types/$class.php"; require "core/types/$class.php";
elseif (file_exists("lib/class_$class.php")) elseif (file_exists("lib/class_$class.php"))
require "lib/class_$class.php"; require "lib/class_$class.php";
elseif (file_exists("lib/helper_$class.php")) elseif (file_exists("lib/helper_$class.php"))
require "lib/helper_$class.php"; require "lib/helper_$class.php";
} }


?> ?>
57 changes: 37 additions & 20 deletions admin/scripts/kcfinder/core/uploader.php
Expand Up @@ -107,25 +107,42 @@ public function __construct() {
if (!strlen($this->config['cookiePath'])) if (!strlen($this->config['cookiePath']))
$this->config['cookiePath'] = "/"; $this->config['cookiePath'] = "/";


// UPLOAD FOLDER INIT // UPLOAD FOLDER INIT
if ($this->config['uploadURL'] == "/") {
$this->config['uploadDir'] = strlen($this->config['uploadDir']) // FULL URL
? path::normalize($this->config['uploadDir']) if (preg_match('/^([a-z]+)\:\/\/([^\/^\:]+)(\:(\d+))?\/(.+)\/?$/',
: path::normalize($_SERVER['DOCUMENT_ROOT']); $this->config['uploadURL'], $patt)
$this->typeDir = "{$this->config['uploadDir']}/{$this->type}"; ) {
$this->typeURL = "/{$this->type}"; list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
} else { $path = path::normalize($path);
$this->config['uploadURL'] = (substr($this->config['uploadURL'], 0, 1) === "/") $this->config['uploadURL'] = "$protocol://$domain" . (strlen($port) ? ":$port" : "") . "/$path";
? path::normalize($this->config['uploadURL']) $this->config['uploadDir'] = strlen($this->config['uploadDir'])
: path::rel2abs_url($this->config['uploadURL']); ? path::normalize($this->config['uploadDir'])
$this->config['uploadDir'] = strlen($this->config['uploadDir']) : path::url2fullPath("/$path");
? path::normalize($this->config['uploadDir']) $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
: path::url2fullPath($this->config['uploadURL']); $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
$this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
$this->typeURL = "{$this->config['uploadURL']}/{$this->type}"; // SITE ROOT
} } elseif ($this->config['uploadURL'] == "/") {
if (!is_dir($this->config['uploadDir'])) $this->config['uploadDir'] = strlen($this->config['uploadDir'])
@mkdir($this->config['uploadDir'], $this->config['dirPerms']); ? path::normalize($this->config['uploadDir'])
: path::normalize($_SERVER['DOCUMENT_ROOT']);
$this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
$this->typeURL = "/{$this->type}";

// ABSOLUTE & RELATIVE
} else {
$this->config['uploadURL'] = (substr($this->config['uploadURL'], 0, 1) === "/")
? path::normalize($this->config['uploadURL'])
: path::rel2abs_url($this->config['uploadURL']);
$this->config['uploadDir'] = strlen($this->config['uploadDir'])
? path::normalize($this->config['uploadDir'])
: path::url2fullPath($this->config['uploadURL']);
$this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
$this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
}
if (!is_dir($this->config['uploadDir']))
@mkdir($this->config['uploadDir'], $this->config['dirPerms']);


// HOST APPLICATIONS INIT // HOST APPLICATIONS INIT
if (isset($this->get['CKEditorFuncNum'])) if (isset($this->get['CKEditorFuncNum']))
Expand Down Expand Up @@ -496,4 +513,4 @@ protected function get_htaccess() {
} }
} }


?> ?>
14 changes: 13 additions & 1 deletion admin/scripts/kcfinder/js/helper.js
Expand Up @@ -64,11 +64,23 @@ _.getFileExtension = function(filename, toLower) {
}; };


_.escapeDirs = function(path) { _.escapeDirs = function(path) {
var fullDirExpr = /^([a-z]+)\:\/\/([^\/^\:]+)(\:(\d+))?\/(.+)$/,
prefix = "";
if (fullDirExpr.test(path)) {
var port = path.replace(fullDirExpr, "$4");
prefix = path.replace(fullDirExpr, "$1://$2")
if (port.length)
prefix += ":" + port;
prefix += "/";
path = path.replace(fullDirExpr, "$5");
}

var dirs = path.split('/'); var dirs = path.split('/');
var escapePath = ''; var escapePath = '';
for (var i = 0; i < dirs.length; i++) for (var i = 0; i < dirs.length; i++)
escapePath += encodeURIComponent(dirs[i]) + '/'; escapePath += encodeURIComponent(dirs[i]) + '/';
return escapePath.substr(0, escapePath.length - 1);
return prefix + escapePath.substr(0, escapePath.length - 1);
}; };


_.outerSpace = function(selector, type, mbp) { _.outerSpace = function(selector, type, mbp) {
Expand Down

0 comments on commit b3422d1

Please sign in to comment.